gitlab-org--gitlab-foss/app/uploaders/uploader_helper.rb

# Extra methods for uploader
module UploaderHelper
  IMAGE_EXT = %w[png jpg jpeg gif bmp tiff].freeze
  # We recommend using the .mp4 format over .mov. Videos in .mov format can
  # still be used but you really need to make sure they are served with the
  # proper MIME type video/mp4 and not video/quicktime or your videos won't play
  # on IE >= 9.
  # http://archive.sublimevideo.info/20150912/docs.sublimevideo.net/troubleshooting.html
  VIDEO_EXT = %w[mp4 m4v mov webm ogv].freeze
  # These extension types can contain dangerous code and should only be embedded inline with
  # proper filtering. They should always be tagged as "Content-Disposition: attachment", not "inline".
  DANGEROUS_EXT = %w[svg].freeze

  def image?
    extension_match?(IMAGE_EXT)
  end

  def video?
    extension_match?(VIDEO_EXT)
  end

  def image_or_video?
    image? || video?
  end

  def dangerous?
    extension_match?(DANGEROUS_EXT)
  end

  def extension_match?(extensions)
    return false unless file

    extension =
      if file.respond_to?(:extension)
        file.extension
      else
        # Not all CarrierWave storages respond to :extension
        File.extname(file.path).delete('.')
      end

    extensions.include?(extension.downcase)
  end

  def file_storage?
    self.class.storage == CarrierWave::Storage::File
  end
end
Remove duplicate methods in uploaders Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-14 18:29:58 +00:00			`# Extra methods for uploader`
			`module UploaderHelper`
Enable Style/MutableConstant 2017-02-21 23:32:18 +00:00			`IMAGE_EXT = %w[png jpg jpeg gif bmp tiff].freeze`
Remove duplication, useless rescue, and avoid using ActionView Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-08 16:55:49 +00:00			`# We recommend using the .mp4 format over .mov. Videos in .mov format can`
			`# still be used but you really need to make sure they are served with the`
Remove VideoJS and clean the integration Handle videos in: - MD preview in notes: commit, issue/MR, MR diff - New notes in: commit, issue/MR, MR diff - Persisted notes in: commit, issue/MR, MR diff Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-12 17:28:39 +00:00			`# proper MIME type video/mp4 and not video/quicktime or your videos won't play`
			`# on IE >= 9.`
Remove duplication, useless rescue, and avoid using ActionView Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-08 16:55:49 +00:00			`# http://archive.sublimevideo.info/20150912/docs.sublimevideo.net/troubleshooting.html`
Enable Style/MutableConstant 2017-02-21 23:32:18 +00:00			`VIDEO_EXT = %w[mp4 m4v mov webm ogv].freeze`
Merge branch 'svg-xss-fix' into 'security' Fix for XSS vulnerability in SVG attachments See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2059 2017-02-13 22:42:46 +00:00			`# These extension types can contain dangerous code and should only be embedded inline with`
			`# proper filtering. They should always be tagged as "Content-Disposition: attachment", not "inline".`
Enable Style/MutableConstant 2017-02-21 23:32:18 +00:00			`DANGEROUS_EXT = %w[svg].freeze`
First support of videos in issues, MRs and notes * Registered video MIME types * Currently supporting browser-supported formats with extensions that match the mime type 2016-04-03 05:00:06 +00:00
Remove duplicate methods in uploaders Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-14 18:29:58 +00:00			`def image?`
First support of videos in issues, MRs and notes * Registered video MIME types * Currently supporting browser-supported formats with extensions that match the mime type 2016-04-03 05:00:06 +00:00			`extension_match?(IMAGE_EXT)`
			`end`

			`def video?`
			`extension_match?(VIDEO_EXT)`
			`end`

			`def image_or_video?`
			`image? \|\| video?`
			`end`

Merge branch 'svg-xss-fix' into 'security' Fix for XSS vulnerability in SVG attachments See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2059 2017-02-13 22:42:46 +00:00			`def dangerous?`
			`extension_match?(DANGEROUS_EXT)`
			`end`

First support of videos in issues, MRs and notes * Registered video MIME types * Currently supporting browser-supported formats with extensions that match the mime type 2016-04-03 05:00:06 +00:00			`def extension_match?(extensions)`
Remove VideoJS and clean the integration Handle videos in: - MD preview in notes: commit, issue/MR, MR diff - New notes in: commit, issue/MR, MR diff - Persisted notes in: commit, issue/MR, MR diff Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-12 17:28:39 +00:00			`return false unless file`

Remove duplication, useless rescue, and avoid using ActionView Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-08 16:55:49 +00:00			`extension =`
			`if file.respond_to?(:extension)`
			`file.extension`
			`else`
			`# Not all CarrierWave storages respond to :extension`
			`File.extname(file.path).delete('.')`
			`end`

			`extensions.include?(extension.downcase)`
Remove duplicate methods in uploaders Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-11-14 18:29:58 +00:00			`end`

			`def file_storage?`
			`self.class.storage == CarrierWave::Storage::File`
			`end`
			`end`